[TriLUG] (no subject)
bp
bp at itchy.kicks-ass.org
Wed Dec 3 17:44:42 EST 2003
I use the following set of command to create self-signed certificates for
AOL IM.
/usr/share/ssl/misc/CA -newreq
/usr/share/ssl/misc/CA -signreq
openssl pkcs12 -export -in newcert.pem -inkey newreq.pem -certfile
demoCA/cacert.pem -name "AIMCertificate" -out mycert.p12
Anyone familar enough with CA to propose how to script this process? I'd
like to either provide all the required input on the commandline or use
redirection to input it. It doesn't appear that CA takes input from the
cmd line nor have I found a way to get redirection to work as it prompts
for you certificate store password (which it's not reading from redirected
standard in)
I'd like to write a script to knock out certificates quickly. Any pointers
on working around this security?
// Yes, I know I'm circumventing some levels of security here.
In case you want the necessary first set of commands to create a new CA:
/usr/share/ssl/misc/CA -newca
openssl x509 -in demoCA/cacert.pem -days 1024 -out cacert.pem -signkey
demoCA/private/cakey.pem
cp cacert.pem demoCA/cacert.pem
More information about the TriLUG
mailing list